NetLogon error 5805

Guest

I have a forest with several child domains, distributed on several sites with
nearly every site having its own child domain.

As for site 1 & site 2 everything is working fine, but on site 3 I have a
strange problem: when I try logging on with the EA account I get access denied, and
this error is also registered in the application event log of the parent
server (netlogon error 5805 - The session setup from the computer [child]
failed to authenticate. The following error occurred: Access is denied.)

Also, running dcdiag /fix on the child, it failed the knowsOfRoleHolders test with
the following:
[parent] is the schema owner but is not responding to LDAP bind.
[parent] is the domain owner but is not responding to LDAP bind / DS RPC bind.

Active Directory replication is OK, DNS is OK, WINS, Dnslint ... etc. Shared
files, Exchange, accessing database on the parent server all work fine,
a little slow but it works.

As for site 1 & 2, IP site links are working fine, but for site 1 & 3 the IP links
work from parent to child but fail from child to parent, & the SMTP site link is
used instead.

Please, I need help.
 
Chriss3 [MVP]

Is there an internal firewall in place?

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup
 
Guest

Yes, and I have checked and tried telnet on port 389 & 53; both responded both
ways. Is there another way to test?

 
Chriss3 [MVP]

Have a look at these articles below:

Active Directory in Networks Segmented by Firewalls:
http://www.microsoft.com/downloads/...46-43f0-4caf-9767-a9166368434e&DisplayLang=en

Restricting Active Directory Replication Traffic to a Specific Port:
http://support.microsoft.com/default.aspx?scid=kb;en-us;224196

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup
------------------------------------------------
http://www.chrisse.se - Active Directory Tips

 
Guest

I went through both links, thanks. I have even found myself another one
[Active Directory replication over firewalls]. Though I went & opened all ports
described in that article, I still failed. But when I changed the site links
from IP to SMTP, replication worked fine, and the netlogon error was replaced
with a new one: netlogon error 5723 [the session setup from computer 'child'
failed because the security database does not contain a trust account
'child$' referenced by the specified computer].

I still can't log on to the DC with EA and still fail dcdiag in the
knowsRoleHolder test in the schema & domain owner tests.

Do you still think it is a firewall problem? Is there a tool I could use to
test the firewall if it's filtering the AD data? Could I trace the
authentication data and see where it's failing? Does a high-latency (ping
is 400-800 ms) network cause such a problem?
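
Added example, not part of any post in this thread: a PowerShell check that goes beyond the telnet test on 389 and 53 by probing the well-known TCP ports domain controllers use with each other, with a timeout suited to the slow link described. The host name `parent.example.test` and the helper name `Test-TcpPort` are placeholders, and the port list is the standard Active Directory one rather than anything quoted in the thread.

```powershell
# Added example: TCP reachability check for the well-known ports domain
# controllers use between each other. Run it on the child DC against the
# parent, then on the parent against the child, and compare the two tables.
param(
    [string]$Target = 'parent.example.test',  # placeholder name (assumption)
    [int]$TimeoutMs = 3000   # well above the 400-800 ms ping in the thread
)

$Ports = @(
    @{ Port = 53;   Service = 'DNS' }
    @{ Port = 88;   Service = 'Kerberos' }
    @{ Port = 135;  Service = 'RPC endpoint mapper' }
    @{ Port = 389;  Service = 'LDAP' }
    @{ Port = 445;  Service = 'SMB' }
    @{ Port = 464;  Service = 'Kerberos password change' }
    @{ Port = 636;  Service = 'LDAP over SSL' }
    @{ Port = 3268; Service = 'Global catalog' }
    @{ Port = 3269; Service = 'Global catalog over SSL' }
)
# Port 135 only locates the service: the DS RPC bind then moves to a
# dynamically assigned port that cannot be guessed here. If replication has
# been pinned to a fixed port (KB 224196, linked in the thread), add it above.

function Test-TcpPort {   # hypothetical helper name
    param([string]$HostName, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'No answer (silently dropped?)'
        }
        $client.EndConnect($pending)   # throws if the connection was refused
        return 'Open'
    } catch {
        return 'Refused or unreachable'
    } finally {
        $client.Close()
    }
}

$Ports | ForEach-Object {
    [pscustomobject]@{
        Port    = $_.Port
        Service = $_.Service
        Result  = Test-TcpPort -HostName $Target -Port $_.Port -TimeoutMs $TimeoutMs
    }
} | Format-Table -AutoSize
```

A port that answers in one direction but not the other points at a one-way filter rule; an open TCP port does not by itself prove that the LDAP or RPC bind succeeds.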


 
